<?php
require_once("../admin_config.inc.php");

class question
{
    private $table = null;
    
    function __construct()
    {
        // create a connection to the database
        $db = connect_db();
        
        $this->table = "questions";
    }
    
    function addQues($desc_orig,$level_orig,$tagline_orig,$questype_orig)
    {
        // Don't allow some smartass to take control over the database, escape the inputs buddy
        $desc = mysql_real_escape_string($desc_orig);
        $level = mysql_real_escape_string($level_orig);
        $tagline = mysql_real_escape_string($tagline_orig);
        $questype = mysql_real_escape_string($questype_orig);
        
        // data array contains key-value pairs corrosponding to table columns and values
        $id = mt_rand();
        $data = array(  'ques_id' => $id,
                        'ques_desc' => $desc,
                        'diff_level' => $level,
                        'tagline' => $tagline,
                        'questype_id' => $questype );
        $keys = implode("`,`",array_keys($data));
        $values = implode("','",$data);
        $add_query = vsprintf("insert into {$this->table}(`%s`) values('%s')",array($keys,$values));
        
        $add_res = mysql_query($add_query);
        return $add_res;
    }
    
    function delQues($quesid_org)
    {
        $quesid = mysql_real_escape_string($quesid_org);
        
        $del_quer = "delete from {$this->table} where ques_id = {$ques_id}";
        $del_res = mysql_query($del_quer);
        
        return $del_res;
    }
    
    function editQues($edit_values,$qid)
    {
        $qid = mysql_real_escape_string($qid);
        foreach($edit_values as $key=>$value)
        {
            $key = mysql_real_escape_string($key);
            $value= mysql_real_escape_string($value);
            
            $edit_values[$key] = "$key='$value'";
        }
        
        $setvalue = implode(",",$edit_values);
        $update_quer = "update {$this->table} set {$setvalue} where ques_id ={$qid}";
        
        $update_res = mysql_query($update_quer);
        return $update_res;
    }
}
?>
